惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
L
Lohrmann on Cybersecurity
aimingoo的专栏
aimingoo的专栏
V
V2EX
S
Security Affairs
T
Threatpost
C
CXSECURITY Database RSS Feed - CXSecurity.com
IT之家
IT之家
J
Java Code Geeks
The Register - Security
The Register - Security
U
Unit 42
C
CERT Recently Published Vulnerability Notes
月光博客
月光博客
A
About on SuperTechFans
H
Hackread – Cybersecurity News, Data Breaches, AI and More
T
The Blog of Author Tim Ferriss
Cisco Talos Blog
Cisco Talos Blog
Project Zero
Project Zero
S
Schneier on Security
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
D
DataBreaches.Net
博客园 - 司徒正美
V
Vulnerabilities – Threatpost
T
Tor Project blog
Security Latest
Security Latest
T
The Exploit Database - CXSecurity.com
T
Threat Research - Cisco Blogs
Scott Helme
Scott Helme
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
M
MIT News - Artificial intelligence
云风的 BLOG
云风的 BLOG
小众软件
小众软件
L
LangChain Blog
Attack and Defense Labs
Attack and Defense Labs
Recent Commits to openclaw:main
Recent Commits to openclaw:main
P
Palo Alto Networks Blog
A
Arctic Wolf
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
C
Cyber Attacks, Cyber Crime and Cyber Security
博客园 - 叶小钗
D
Darknet – Hacking Tools, Hacker News & Cyber Security
L
LINUX DO - 最新话题
MongoDB | Blog
MongoDB | Blog
Webroot Blog
Webroot Blog
H
Hacker News: Front Page
Know Your Adversary
Know Your Adversary
Spread Privacy
Spread Privacy
AWS News Blog
AWS News Blog
Engineering at Meta
Engineering at Meta

Vectra AI Blog

Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Why You Need an NDR to Protect Your Modern Network Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI named in Gartner hype cycle for security operations 2025 Vectra AI Vectra AI Vectra AI How Sanofi Detected and Stopped a Cyberattack How MITRE ATLAS Helps Detect LLM Attacks in Cloud AI Detecting Iranian APT identity attacks across hybrid environments Vectra AI Vectra AI Vectra AI Breaking down the axios supply chain incident Vectra AI Vectra AI Who’s Doing What on Your Network? FortiClient EMS Zero-Day: When the Control Plane Becomes Initial Access Detecting Compromise After the Axios Supply Chain Attack. Vectra AI Vectra AI Vectra AI AI Is Now the Attack Surface: Why Your Security Stack Must Adapt Fast Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI How attackers use Brute Ratel (BRC4) Vectra AI Vectra AI Vectra AI The Cutting Edge: AI’s Inevitable Rise in Offensive Security Vectra AI Vectra AI Is AI the Right Tool to Defend Against Modern Cyberattacks? Vectra AI Vectra AI Vectra AI Turns Out Network Security Is Cool Again – and It’s Called NDR Vectra AI Vectra AI Vectra AI Choosing the Right NDR: Gartner’s 5 Questions Every Security Buyer Should Be Asking Vectra AI Vectra AI Named a Leader and Outperformer in the 2025 GigaOm Radar Report for Identity Threat Detection and Response (ITDR) Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI You Have the Right Tools. So Why Are Attackers Still Getting In? Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Challenges in Microsoft Log Monitoring: Insights for Your SOC Vectra AI Platform Visualizes Multi-domain Modern Attacks with Attack Graphs Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Gartner Security and Risk Conference – Chaos meets Opportunity Vectra AI Named a Leader and Outperformer in the 2025 GigaOm Radar Report for Network Detection and Response (NDR) Presenting the 2025 Vectra AI Scholars Simplify Threat Investigation and Hunting with Pre-built Queries in Vectra Investigate The 2025 Gartner® Magic Quadrant™ for Network Detection and Response (NDR) - Why Vectra AI Stands Tall Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI How Black Basta Turned Public Data into a Breach Playbook Play’s New Tactics Bypass Traditional Defenses. Are You Ready? Charting a New Era of Network Security: Vectra AI at the Forefront Unlocking Operational Efficiency: How Vectra AI Drives 40% Gains in SOC Performance and 391% ROI CISA Flags Fast Flux as a National Threat: Are You Covered? AI Agents: What Do They Mean in Cybersecurity?
Identity-Centric Attacks: The New Reality for UK Retail
2025-05-06 · via Vectra AI Blog

In recent weeks, several major UK retailers have fallen victim to cyberattacks that reflect a dangerous trend: a rise in sophisticated, identity-centric attacks that bypass traditional defenses and exploit complexity across hybrid IT environments.

At least one attack has been linked to Scattered Spider, a well-known cybercriminal group that epitomizes the modern identity-based threat.

Who Is Scattered Spider, and Why Does It Matter?

Scattered Spider represents a new class of adversaries: skilled, stealthy, and relentless. They rely on social engineering and credential theft to impersonate real users, enabling them to infiltrate networks, escalate privileges, and quietly move laterally to steal data or deploy ransomware.

Their techniques include:

  • Phishing, vishing, and impersonation to extract credentials
  • Multi-factor authentication (MFA) bypasses using SIM swaps, fatigue attacks, and help desk deception
  • Abuse of identity systems like Active Directory, SSO, and Entra ID
  • Use of remote access tools to further obscure malicious activity

Their victims include major global organizations such as MGM Resorts and Caesars Entertainment—businesses where identity sprawl and complex access environments are common.

For more details, watch the complete Scattered Spider threat briefing.

Today’s Attacks Are Identity-Driven

Attackers no longer hack in—they log in.

Today’s attackers don’t break down the door. They walk right through it using stolen credentials. Once inside, they blend in, escalate access, and move swiftly. CrowdStrike reports the average time from initial compromise to lateral movement is now just 48 minutes.

The modern identity landscape adds fuel to the fire. Human and machine identities—from employees and contractors to service accounts and automation tools—expand the attack surface exponentially. Each one presents a potential entry point.

Even with tools like MFA and privileged access management (PAM) in place, attackers are finding ways to bypass them. These tools, while essential, can’t detect or stop post-compromise activity like lateral movement or privilege abuse.

How Vectra AI Detects and Stops Scattered Spider-Like Attacks

Vectra AI was built to detect and stop the exact kinds of attacks threat actors like Scattered Spider execute. The Vectra AI Platform, including its Identity Threat Detection and Response (ITDR) capabilities, offers a purpose-built solution to stop identity-centric threats in real time.

By analyzing behaviors across cloud, network, and SaaS environments, we detect early signs of credential misuse, lateral movement, and privilege abuse — and surface only what truly matters to your SOC.  

Our customers are reducing attack exposure by 52%, removing up to 50% of time spent on manual tasks, and improving security team efficiency and effectiveness by 40% (IDC: The Business Value of Vectra AI).

Vectra AI Platform Delivers:

  • Behavioural-based detections across identity, cloud, and network - surfacing misuses using valid credentials that evade traditional defenses
  • AI-driven triage, stitching and prioritization of real attacker behaviors (not noisy alerts)
  • Comprehensive native, integrated, managed responses to lock down accounts and revoke EDR sessions

With Vectra AI, you can:

  • Stop Hybrid Human and Non-Human Identity Attacks: Detect credential abuse, lateral movement, and privilege escalation before a breach occurs
  • Stop Cloud Data Breaches and Ransomware: Identify behaviors indicating cloud workload abuse, ransomware and data exfiltration
  • Defend Identity infrastructure: Stop attacks targeting identity store – kerberoasting, DCSYC, rouge LDAP, etc.

For more information, see Vectra AI's MITRE ATT&CK cloud identity coverage for Scattered Spider.

The Bottom Line

Attackers like Scattered Spider are exploiting the shift to hybrid infrastructure and identity-centric operations.  

When attackers walk in the front door using stolen identities, Vectra AI ensures you’re still ready to meet them—with speed, accuracy, and control.